Real Time Payments, Real Time Risk

What measures will banks need to take to handle risk in a real time payments environment?

The Federal Reserve is considering paths to a faster payments system in the U.S., but speeding up settlements of payments will present bank with new challenges for managing fraud risk. Banks right now rely on having time to sift through their transactions to identify those that need to be reviewed manually for possible fraud, Erik Stein, Capital One’s director of fraud defenses and new opportunities, said during a presentation at BAI Payments Connect 2014 yesterday.

“We use a lot of day-two defenses, with different kinds of reviews and alerts and communications to customers,” Stein commented.

In a real time payments environment, banks won’t have that time to validate to transactions and customers will expect almost instant confirmation that their funds have been sent or received. Additionally banks will have to consider how their risk management controls and protocols for real time payments will integrate with the rest of their fraud infrastructure, Joan Pappas, a banking officer for Bank of America, noted. “Our biggest concern is what will the framework look like… and how will it work with all of the other things that we have to manage,” she said during the panel discussion, titled “Customer Expectation, Banker Challenge: Managing the Risk in Real time Payments.”

To meet compliance and prevent fraud in a real time payments system, banks will need to be able to make the decision of whether or not to review each transaction with a real time decisioning tool, Pappas said. “We’re going to have to filter transactions up front and be able to detect [fraudulent transactions] and communicate with the customer in real time so we ensure that we are looking at those few transactions that require manual review,” she explained.

Th bankers on the panel made it clear that for a faster payments system to work, regulators (in this case the Fed) will need to spell out specific ground rules that apply to all the players around limits and liabilities for transactions that can be processed through the real time rails. “What happens when there is a dispute? We need [the Fed] to set the ground rules for that,” Pappas commented.

If banks can put in place real time fraud prevention and alert capabilities they potentially could stop more fraud in a faster payments environment, Peter Gordon, the general manager of FIS’s PayNet real time payments network, said during the discussion. “A lot of people are concerned about the risk [of real time payments] -- but if you have fraud remediation capabilities with richer real time data, and the ability to stop a payment in real time, then that will help manage risk,” Gordon mentioned.

The U.S. can take some lessons from other faster payments initiatives to help address fraud risk, Capital One’s Erik Stein added. Some banks in the U.K. set very strict thresholds for the size of transactions that they would allow to be moved in real time when the U.K. first rolled out its faster payments system, Stein noted. One bank even set its limit for a real time transaction at 10 pounds, he shared. Although that case might be a little extreme, the U.K. has seen volumes of transactions increase dramatically to approximately $1.25 trillion last year, and are now thinking about raising the limit for a single transaction to one million pounds, Stein told the audience.

Banks and other stakeholders will also have to take into consideration the fact that credits are more suitable from a risk perspective to real payments than debits, FIS’s Gordon added. “Debits can cause more fraud problems [from a real time perspective] because they give access to accounts. Our PayNet network supports credits and debits, but we think that credits will be the no. 1 transaction,” Gordon explained.

It will take years to implement a faster payments system, and with more regulations coming into effect and an ever-changing fraud landscape, creating some flexibility in terms of rules and protocols for dealing with risk will also be important, Sean Rodriguez, SVP of the Federal Reserve said during the panel. “We need to think about a good way to educate on the regulatory framework, and we also need to implement a way to easily change the framework. The Fed is going to have to be the catalyst for that,” he noted.

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

I think the limits on transaction size are also going to be an important part at the beginning of the process in getting banks comfortable with fraud monitoring in real time and gain an understanding of how their processes and tools can be improved before starting to allow bigger transactions through the real time rails.

The key is going to be in building risk profiles for each customer and each type of transaction that can be used to judge quickly if an individual transaction needs to be held up for any reason. I can definitely see a use for in-memory analytics to help build those profiles from the bank's data (and probably other sources as well).